Internet users (“end users”) can gain access to the Internet through a subscription service offered by an Internet Service Provider (ISP). End users who gain access to the Internet in this way may include individuals, members of families, and employees of businesses. The ISP may operate servers which may provide services to end users. Such services may include transporting email, resolving domain names, providing access to the World Wide Web (“the Web”), and others. The ISP's servers may be connected to one or more shared networks through which they can communicate with subscribers, other ISPs, and other types of entities.
A group of subscribing end users may access the Internet through user devices, which may include personal computers, tablets, smart phones, game boxes, and others. The user devices typically are connected to a subscriber network, which is normally a private network located on the subscriber premises, for example, in the subscriber's home or place of business. The subscriber network is connected through a gateway to a shared network, which may be interconnected to further shared networks. By this means a communication path may be established between each user device and the ISP's servers through the private network, the gateway, and one or more interconnected shared networks.
The subscriber may want to monitor and control (to exercise “device control”) the Internet usage by individual user devices. The subscriber's reasons for wanting to exercise device control may include protecting users of user devices from malicious Web sites, exercising parental control over a child's Internet activities, and tracking user devices' patterns of usage. A business subscriber may have additional reasons for device control, such as blocking employee access to sites that are not work-related, and protecting company servers from damage or unauthorized access.
The ISP may also desire to exercise device control over individual user devices. The ISP's reasons for device control may include identifying a user device that is violating the ISP's terms of service, for example by conducting a denial of service attack, and collecting more detailed information about the subscriber's patterns of usage than would be possible without distinguishing the activities of individual user devices.
The Internet industry has developed several device control technologies, each of which has certain disadvantages. One type of device control employs device control software that runs on each user device. This technology complicates the task of installing and configuring device control software by distributing it over many devices of different types. The ISP must provide, and the subscriber must install, a different implementation of device control software for each type of device. Because the user devices are under direct control of users, they are highly exposed to tampering by users who want to compromise device control. If a user attaches a device without device control software to the subscriber network, the user can evade device control completely.
Another type of device control employs a subscriber firewall to manage traffic passing through the subscriber's gateway. A subscriber firewall is an effective means of limiting user devices to approved types of Internet operations, for example by forbidding the use of certain communication protocols and communication with certain IP addresses, but it requires a large amount of processing power because it must analyze and process every message that passes between a user device and the ISP. Being located physically on the subscriber's premises and electronically near the user devices, it is susceptible to defeat by users.
It may be possible to control Internet usage through a Domain Name Service (DNS) server. A user device may initiate a session by sending a DNS query to find out a network name of an Internet service associated with a domain name. The DNS server can return an answer that includes an IP address of the Internet service that is represented by the domain name. The DNS server may exercise device control by returning a different IP address, or an error response, or no response at all, according to policies defined by the ISP or the subscriber or both. Device control by a DNS server is efficient, since it operates on DNS queries, which are smaller and less numerous than the messages that a firewall must process, and it is more secure than a subscriber firewall, because it is located away from the subscriber's premises and behind the ISP's firewall, but the type of control it can exercise is limited because the information available to it is limited as well. For example, the DNS server cannot distinguish among different pathnames because a DNS query contains only a domain name, not a full pathname. It also cannot operate on the content of a request to or a response from an Internet service because the DNS server never receives such requests and responses, but only DNS queries.
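The following is an added illustration, not code from this document, of the DNS-based control described above: a minimal policy engine that extracts the queried domain name from a DNS query and applies per-device rules (substitute address, error response, or no response). The policy table, device addresses, domain names and sinkhole address are constructed for the example.

```python
import struct

# Constructed policy table (assumed layout, not the document's): the user
# device's source IP on the subscriber network selects its rules. Values are
# sample names/addresses made up for this example.
SINKHOLE_IP = "10.0.0.9"          # assumed address of a block/notice page
POLICY = {
    "192.168.1.20": {            # e.g. a child's tablet
        "block": {"example-gambling.test"},          # answer NXDOMAIN
        "redirect": {"ads.test": SINKHOLE_IP},       # answer a substitute IP
        "drop": {"tracker.test"},                    # send no response at all
    },
    "192.168.1.30": {"block": set(), "redirect": {}, "drop": set()},
}
DEFAULT_RULES = {"block": set(), "redirect": {}, "drop": set()}

def build_query(name: str, txid: int = 0x1234) -> bytes:
    """Construct a standard A-record DNS query in wire format (demo input)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(lab)]) + lab.encode("ascii") for lab in name.split("."))
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE A, QCLASS IN

def parse_qname(msg: bytes) -> str:
    """Decode the question name after the 12-byte header. This name is all the
    information a DNS control point sees: no URL path, no request content."""
    pos, labels = 12, []
    while msg[pos] != 0:
        ln = msg[pos]
        if ln & 0xC0:
            raise ValueError("compression pointer not expected in a query name")
        labels.append(msg[pos + 1:pos + 1 + ln].decode("ascii"))
        pos += 1 + ln
    return ".".join(labels).lower()

def decide(client_ip: str, msg: bytes):
    """Return (action, ip) for one query: DROP, NXDOMAIN, ANSWER <ip> or FORWARD.
    A rule matches the queried name itself or any parent domain of it."""
    rules = POLICY.get(client_ip, DEFAULT_RULES)
    parts = parse_qname(msg).split(".")
    for i in range(len(parts)):
        suffix = ".".join(parts[i:])
        if suffix in rules["drop"]:
            return ("DROP", None)
        if suffix in rules["block"]:
            return ("NXDOMAIN", None)
        if suffix in rules["redirect"]:
            return ("ANSWER", rules["redirect"][suffix])
    return ("FORWARD", None)   # no rule: resolve normally upstream
```

Because only the name is available, a rule can block a whole host but cannot distinguish two pathnames under it, which is exactly the limitation noted above.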